<?php
include 'def.php';

header( 'content-type: application/json; charset=utf-8' );

$json_array = array( 'status'=>'error', 'error_id'=>'input', 'error_description'=>'request data error' );

session_start();

if( empty( $_GET ) )
{ /*do nothing*/ 
}
elseif( !isset($_GET['token']) || !isset($_GET['studentid']) || !isset($_GET['classid']) || !isset($_GET['type']) )
{/*do nothing*/
}
else{
	$studentid = $_GET['studentid'];
	$classid   = $_GET['classid'];
	$type      = $_GET['type'];
	$token	   = $_GET['token'];
	
	//echo( $studentid.' '.$classid.' '.$type.' '.$token );
	//need to uncomment the token
	if( /*$token != session_id() ||*/ !isValidMd5($studentid) || !isValidMd5($classid) )
	{	/*do nothing*/
	}
	else{
		$conn = mysql_connect( DBSERV, DBUSER, DBPASSWD ) or die( "Couldn't connect to database" );
		$db = mysql_select_db( DB ) or die( "Couldn't connect to database" );
							
		$query = "insert into rubric (studentid, classid, type) values ('$studentid', '$classid', $type)";
		
		$result = mysql_query( $query ) or die('Query_failed: '. mysql_error());
		
		if( $result )
			$json_array = array( 'status'=>'OK' );
	
	}
}
		
echo( json_encode($json_array) );

?>